What is Presidio XDR?

Presidio XDR is a unified Extended Detection and Response platform that integrates SIEM, SOAR, deception, threat intelligence and case management. It is built for MSPs, MSSPs and IT partners who need multi-tenant security operations.

How does Mirage detect threats?

Mirage deploys realistic honeypots (SSH, HTTP, SMB) and credential traps across your network. Any interaction with a decoy triggers an immediate alert, catching lateral movement and insider threats with near-zero false positives.

Is Cipher free to use?

Yes. Cipher Risk Matrix is a completely free cyber risk assessment tool. It covers 6 industry sectors and 10 risk categories, generating a prioritized action plan in minutes. Available in Italian and English.

What pricing tiers does VALTA offer?

VALTA offers three tiers: Free (community tier with basic threat feeds), Professional at EUR 49.99/month (full threat intelligence with dark web monitoring), and Enterprise at EUR 99.99/month (dedicated instance with SIEM/SOAR integration and priority support).

Does Securitix help with NIS2 compliance?

Yes. Both Presidio XDR and VALTA include automated compliance reporting for NIS2, ISO 27001 and GDPR, making audit preparation and documentation straightforward.

White-Label MDRXDR / SIEM + SOARNIS2 ReadyFull MultitenancyOpen-Source Stack

Presidio

XDRforPartners.

Offer your clients 24/7 MDR without building a SOC.

White-label SOC platform with detection, response, forensics and compliance — ready to resell under your brand. Full open-source stack on managed infrastructure.

See Partner Plans Become a Partner

Why partner

Add MDR to Your Portfolio. Keep 100% of the Relationship.

Building a SOC takes years and millions. Presidio gives MSPs and MSSPs a production-ready XDR platform they can resell from day one.

Recurring Revenue

Add a high-margin MDR line to your portfolio. Per-endpoint pricing keeps margins predictable as you scale.

Zero Build Cost

Skip the multi-year SOC investment. Presidio is ready to deploy under your brand in days, not quarters.

Your Brand, Our Engine

White-label dashboards, reports and alerts. Your clients see your logo, your domain, your SLA.

Full Multitenancy

Every client is isolated end-to-end: agents, storage, dashboards, forensics and case management.

Compliance Built-In

Auto-generated reports for NIS2, GDPR Art.32 and ISO 27001. Audit-ready, always current.

Dedicated Partner Support

Technical onboarding, co-selling materials and escalation paths. We succeed when you succeed.

The stack

Six Technologies, One Platform.

Every component is open-source, integrated and orchestrated. Zero vendor lock-in. Full transparency for you and your clients.

Detection & Monitoring

Wazuh SIEM

Real-time event correlation with 16 custom rules for Italian SMEs. MTTA under 1 second.

Automation & Response

Shuffle SOAR

5 automated playbooks: from triage to remediation in under 30 seconds.

Forensics On-Demand

Velociraptor

Remote forensic analysis on any endpoint. Proactive hunting and automated collection.

Threat Intelligence

MISP

75,369 IOCs from 8 international feeds. Automatic enrichment of every alert.

Case Management

DFIR-IRIS

Structured incident management with timeline, evidence and chain of custody.

Client Dashboard

Grafana Portal

Dedicated white-label portal for each client. Real-time visibility on security posture and compliance.

How it works

First Client Live in 24 Hours.

Three steps. No hardware. No downtime for your clients.

Partner Onboarding

We configure your white-label environment, branding and tenant structure. Typically completed within 48 hours.

Client Deployment

Lightweight agent install on client endpoints. No hardware, no VPN. First client live within 24 hours.

Detect, Respond, Report

5 SOAR playbooks handle detection, correlation and response automatically. Compliance reports generated on demand.

<1s

MTTA

<30s

MTTR

75,369

Active IOCs

SOAR Playbooks

Partner pricing

Transparent Pricing, Healthy Margins.

Wholesale per-endpoint rates. You set your own end-client price. No hidden costs. No binding contracts.

MonthlyAnnual

Shield

Essential monitoring and compliance reporting.

€10 /endpoint/month

Ideal for clients needing visibility without complexity.

Wazuh SIEM + base rules

Monthly compliance report

Email alerts

Dedicated Grafana dashboard

Email support

Start with Shield

Sentinel

Full automation and threat intelligence.

€25 /endpoint/month

Ideal for clients with NIS2 obligations or critical supply chains.

Everything in Shield, plus:

SOAR automation (5 playbooks)

MISP threat intelligence

Velociraptor forensics

Automatic active response

Vulnerability assessment

NIS2 + GDPR + ISO reports

Start with Sentinel

Fortress

Dedicated SOC and full case management.

€50 /endpoint/month

Ideal for clients with SOC requirements or enterprise supply chain mandates.

Everything in Sentinel, plus:

DFIR-IRIS case management

Dedicated SOC analyst

Custom detection rules

SLA: 4-hour response

On-demand compliance reports

Priority forensics

Start with Fortress

FAQ

Frequently Asked Questions.

You resell Presidio under your own brand. Dashboards, reports and alerts carry your logo and domain. Your clients interact with your company, not ours. We are the invisible engine behind your MDR offering.

No. Presidio uses a lightweight software agent installed on existing endpoints. No hardware, no VPN, no network changes. The XDR infrastructure is fully managed by us.

24 hours from enrollment to the first operational dashboard. The agent installs in minutes per endpoint and starts collecting and correlating events immediately.

Every client is fully isolated at every level: dedicated agents, separate storage, private dashboards, independent APIs, isolated forensics and private case management. Data is never shared between tenants.

Absolutely. The Shield tier operates autonomously with automatic alerts. The Fortress tier includes a dedicated SOC analyst who handles everything from detection to response and management reporting.

SOAR playbooks activate automatically: alert triage, threat intelligence enrichment, active response (firewall-drop, host-deny), team notification and case creation in DFIR-IRIS. All within 30 seconds.

Presidio generates automated reports for NIS2 (Art.21 — security measures), GDPR (Art.32 — security of processing) and ISO 27001 (Annex A — security controls). Reports are always current and audit-ready.

You set your own end-client pricing. Our wholesale rates are designed to give partners healthy, predictable margins that scale with your client base. Contact us for the full partner pricing sheet.

Give Your Clients Enterprise Security. Today.

White-label deployment in 48 hours. No hardware. No SOC build. Let's talk about growing your security practice.

Become a Partner Compare Plans